ISC Exam Questions

In communications between two parties, encrypting the hash function of a message with a
symmetric key algorithm is equivalent to:

A. Providing for secrecy of the message

B. Generating a keyed Message Authentication Code (MAC)

C. Generating a digital signature

D. Generating a one-way function

Explanation:

A MAC is used to authenticate files between users. If the sender and receiver both have the secret
key, they are the only ones that can verify the hash function. If a symmetric key algorithm is used to
encrypt the one-way hash function, then the one-way hash function becomes a keyed MAC.

Answer “Generating a digital signature” is incorrect because a digital signature between two parties
uses an asymmetric key algorithm. If a message is encrypted with the sender’s private key, then only
the sender’s public key can decrypt the message. This proves that the message was sent by the sender,
since only the sender knows the private key. In practice, asymmetric key encryption is very slow,
especially for long messages. Therefore, a one-way hash of the message is encrypted with the
sender’s private key instead of encrypting the complete message. Then, the message and the
encrypted hash are sent to a second party. The receiver takes the encrypted hash and decrypts it
with the sender’s public key. Then, the receiver takes the hash of the message, using the same
one-way hash algorithm as the sender. The hash generated by the receiver is compared with the
decrypted hash sent with the message. If the two hashes are identical, the digital signature is
validated. Note that this method will also reveal if the message was changed en route, since the hash
calculated by the receiver will then be different from the encrypted hash sent along with the
message.

Answer “Providing for secrecy of the message” is incorrect since encrypting the hash of the
message and sending the message in the clear does nothing to protect the confidentiality of the
message. Since the hash function is a one-way function, the message cannot be recovered from its
hash.

Answer “Generating a one-way function” is incorrect since encrypting a hash of a message is
not a one-way function. If it were, it would be of no use since no one would be able to reverse the
process and decrypt it.
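
The keyed-MAC behaviour described in the explanation, as an added example that is not part of the original page. It uses HMAC-SHA256 from the Python standard library as the keyed MAC (the standard keyed-hash construction, swapped in for literally encrypting a hash with a cipher); the key, the message and all function names are constructed for illustration.

```python
import hashlib
import hmac

# Constructed sample values, for illustration only.
SHARED_KEY = b"constructed-demo-key-held-by-both-parties"
MESSAGE = b"Transfer 100 units to account 12345"


def plain_hash(message: bytes) -> bytes:
    """Unkeyed one-way hash: anyone can compute it, so it authenticates nothing."""
    return hashlib.sha256(message).digest()


def make_tag(key: bytes, message: bytes) -> bytes:
    """Keyed MAC over the message (HMAC-SHA256)."""
    return hmac.new(key, message, hashlib.sha256).digest()


def verify(key: bytes, message: bytes, tag: bytes) -> bool:
    """Receiver recomputes the tag with the shared key; constant-time compare."""
    return hmac.compare_digest(make_tag(key, message), tag)


def demo() -> dict:
    # Sender transmits the message in the clear together with its tag.
    wire_msg, wire_tag = MESSAGE, make_tag(SHARED_KEY, MESSAGE)
    tampered = wire_msg.replace(b"100", b"900")
    return {
        # The message itself is not encrypted: a MAC gives no secrecy.
        "message_in_clear": wire_msg == MESSAGE,
        "valid_accepted": verify(SHARED_KEY, wire_msg, wire_tag),
        # A change en route makes the recomputed tag differ.
        "tampered_rejected": not verify(SHARED_KEY, tampered, wire_tag),
        # Without the key, re-hashing the altered message does not yield a valid tag.
        "unkeyed_hash_rejected": not verify(SHARED_KEY, tampered, plain_hash(tampered)),
        # The receiver holds the same key and can produce the identical tag,
        # so the tag cannot prove which party wrote the message. This is the
        # difference from a digital signature made with a private key.
        "receiver_can_make_same_tag": make_tag(SHARED_KEY, MESSAGE) == wire_tag,
    }


if __name__ == "__main__":
    for name, result in demo().items():
        print(f"{name}: {result}")
```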